Primary

Context

Elastic Packetbeat Out-of-Bounds Read Vulnerability in NFS Protocol Dissector Leading to Denial-of-Service

Vulnerability

Patched

A buffer overflow vulnerability has been identified in Elastic Packetbeat versions 7.x, 8.x (8.0.0 through 8.19.8), and 9.x (9.0.0 through 9.1.8 and 9.2.0 through 9.2.2). This vulnerability arises from an out-of-bounds read in the NFS protocol dissector, allowing an unauthenticated remote attacker to perform a buffer overflow. Exploitation of this vulnerability leads to a denial-of-service condition, causing a reliable process crash when Packetbeat handles truncated XDR-encoded RPC messages via the NFS protocol.

Impact

Exploitation of this vulnerability causes a process crash, leading to a denial-of-service condition.

Remediation

Users can upgrade to Packetbeat versions 8.19.9, 9.1.9, or 9.2.3 to address this vulnerability.

Added: Dec 18, 2025, 10:21 PM

Updated: Dec 18, 2025, 10:21 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Elastic Packetbeat Out-of-Bounds Read Vulnerability in NFS Protocol Dissector Leading to Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

Elastic Packetbeat

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating